| blob | 6fc2379753329e76e48d986780ed320ced2d6c7c |
1 {
2 stdenv,
3 lib,
4 fetchurl,
5 fetchpatch,
6 alsa-lib,
7 AudioUnit,
8 CoreServices,
9 }:
11 let
13 fetchDebianPatch =
14 {
15 name,
16 debname,
17 sha256,
18 }:
19 fetchpatch {
20 inherit sha256 name;
21 url = "https://salsa.debian.org/multimedia-team/audiofile/raw/debian/0.3.6-4/debian/patches/${debname}";
22 };
24 in
26 stdenv.mkDerivation rec {
27 pname = "audiofile";
28 version = "0.3.6";
30 buildInputs =
31 lib.optionals stdenv.hostPlatform.isLinux [
32 alsa-lib
33 ]
34 ++ lib.optionals stdenv.hostPlatform.isDarwin [
35 CoreServices
36 AudioUnit
37 ];
39 src = fetchurl {
40 url = "https://audiofile.68k.org/audiofile-${version}.tar.gz";
41 sha256 = "0rb927zknk9kmhprd8rdr4azql4gn2dp75a36iazx2xhkbqhvind";
42 };
44 outputs = [
45 "out"
46 "dev"
47 "man"
48 ];
50 # std::unary_function has been removed in c++17
51 makeFlags = [ "CXXFLAGS=-std=c++11" ];
53 # Even when statically linking, libstdc++.la is put in dependency_libs here,
54 # and hence libstdc++.so passed to the linker, just pass -lstdc++ and let the
55 # compiler do what it does best. (libaudiofile.la is a generated file, so we
56 # have to run `make` that far first).
57 #
58 # Without this, the executables in this package (sfcommands and examples)
59 # fail to build: https://github.com/NixOS/nixpkgs/issues/103215
60 #
61 # There might be a more sensible way to do this with autotools, but I am not
62 # smart enough to discover it.
63 preBuild = lib.optionalString stdenv.hostPlatform.isStatic ''
64 make -C libaudiofile $makeFlags
65 sed -i "s/dependency_libs=.*/dependency_libs=' -lstdc++'/" libaudiofile/libaudiofile.la
66 '';
68 patches = [
69 ./gcc-6.patch
70 ./CVE-2015-7747.patch
72 (fetchDebianPatch {
73 name = "CVE-2017-6829.patch";
74 debname = "04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch";
75 sha256 = "04qxl51i64c53v69q2kx61qdq474f4vapk8rq97cipj7yrar392m";
76 })
77 (fetchDebianPatch {
78 name = "CVE-2017-6827+CVE-2017-6828+CVE-2017-6832+CVE-2017-6835+CVE-2017-6837.patch";
79 debname = "05_Always-check-the-number-of-coefficients.patch";
80 sha256 = "1ih03kfkabffi6ymp6832q470i28rsds78941vzqlshnqjb2nnxw";
81 })
82 (fetchDebianPatch {
83 name = "CVE-2017-6839.patch";
84 debname = "06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch";
85 sha256 = "0a8s2z8rljlj03p7l1is9s4fml8vyzvyvfrh1m6xj5a8vbi635d0";
86 })
87 (fetchDebianPatch {
88 name = "CVE-2017-6830+CVE-2017-6834+CVE-2017-6836+CVE-2017-6838.patch";
89 debname = "07_Check-for-multiplication-overflow-in-sfconvert.patch";
90 sha256 = "0rfba8rkasl5ycvc0kqlzinkl3rvyrrjvjhpc45h423wmjk2za2l";
91 })
92 (fetchDebianPatch {
93 name = "audiofile-fix-multiplyCheckOverflow-signature.patch";
94 debname = "08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch";
95 sha256 = "032p5jqp7q7jgc5axdnazz00zm7hd26z6m5j55ifs0sykr5lwldb";
96 })
97 (fetchDebianPatch {
98 name = "CVE-2017-6831.patch";
99 debname = "09_Actually-fail-when-error-occurs-in-parseFormat.patch";
100 sha256 = "0csikmj8cbiy6cigg0rmh67jrr0sgm56dfrnrxnac3m9635nxlac";
101 })
102 (fetchDebianPatch {
103 name = "CVE-2017-6833.patch";
104 debname = "10_Check-for-division-by-zero-in-BlockCodec-runPull.patch";
105 sha256 = "1rlislkjawq98bbcf1dgl741zd508wwsg85r37ca7pfdf6wgl6z7";
106 })
107 ];
109 meta = with lib; {
110 description = "Library for reading and writing audio files in various formats";
111 homepage = "http://www.68k.org/~michael/audiofile/";
112 license = licenses.lgpl21Plus;
113 maintainers = with maintainers; [ lovek323 ];
114 platforms = platforms.unix;
115 };
116 }